Results 1 to 9 of 9

Thread: NetHunter Scripts for an easy Pentest

  1. #1
    Join Date
    2014-Sep
    Posts
    38

    Post NetHunter Scripts for an easy Pentest

    Hi all,
    I opened this new thread in order to post scripts that can be used for a fast pentesting
    I will try to compile and post some APK for fast interaction with Kali.

  2. #2
    Thanks xaxaxa! Perhaps you can post the source too, and when we have enough, we'll start a github repository for these?

  3. #3
    Join Date
    2014-Sep
    Posts
    38
    @muts

    Yes I will post source and everything later today.
    I like NetHunter and hopefully we can make it future Pentest ARM system

  4. #4
    Join Date
    2014-Sep
    Posts
    72
    Here is my contribution!

    A nice Wifi AP Obfuscator:
    https://github.com/lostincynicism/FuzzAP

    Wifi AP jammer and deauth utility. Good for capturing auth packets!
    https://github.com/DanMcInerney/wifijammer

    A vulnerable "Bank" app for android to test different attacks:
    https://github.com/dineshshetty/Android-InsecureBankv2

    And my very own script (Based on an exploit), a utility that removes lockscreen passwords on Anything before KitKat:
    https://github.com/photonicgeek/Kali...move%20Lock.sh
    (Specifically based off of this)

    Have fun!
    Last edited by photonicgeek; 2014-09-30 at 14:51.

  5. #5
    Join Date
    2014-Sep
    Posts
    38
    Nmap Bash script for fast network scan incl. service discovery.

    This is version 1.0, I will add more features to it later. An apk for every bash script will be done and will be posted here.

    Code:
    #!/bin/bash
    # Script to scan current network using Nmap


    interface_select(){
    clear
    echo "Select which interface to scan on [1-4]:"
    echo
    echo "1. eth0 (USB Ethernet adapter)"
    echo "2. wlan0 (internal Wifi)"
    echo "3. wlan1 (USB TP-Link adapter or other)"
    echo "4. at0 (Use with EvilAP)"
    echo
    read -p "Choice [1-4]: " interfacechoice


    case $interfacechoice in
    1) interface=eth0 ;;
    2) interface=wlan0 ;;
    3) interface=wlan1 ;;
    4) interface=at0 ;;
    *) interface_select ;;
    esac
    }


    one_two(){
    read -p "Choice [1-2]: " input
    case $input in
    [1-2]*) echo $input ;;
    *) one_two ;;
    esac
    }


    start_the_scan(){


    network=$(ifconfig $interface | awk -F ":"'/inet addr/{split($2,a," ");print a[1]}'|awk -F'.''{print $1"."$2"."$3"."}')


    cd /captures/nmap/


    filename1="/captures/nmap/host_scan_$(date +%F-%H%M).txt"
    filename2="/captures/nmap/service_scan_$(date +%F-%H%M).txt"



    myip=$(ifconfig $interface | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}')##thanks to secjunkie
    sed -i "/$myip/d" $filename1 ##thanks to secjunkie


    nmap -sP $network* -oG $filename1##thanks to secjunkie
    echo
    echo "Scan results saved to $filename1"
    echo


    echo "[?] Run a service scan against the discovered?"
    echo
    echo "1. Yes"
    echo "2. No"
    echo


    scandiscov=$(one_two)


    if [ $scandiscov -eq 1 ]; then
    nmap -sV $network* |tee $filename2
    echo
    echo "Results completed saved to $filename2"
    echo
    echo
    fi
    }


    interface_select
    start_the_scan


    Last edited by xaxaxa; 2014-09-30 at 19:09.

  6. #6
    Join Date
    2014-Sep
    Location
    UK
    Posts
    12
    Nice post @xaxaxa many thanks two typos though

    (missing spaces)
    Code:
    network=$(ifconfig $interface | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}'|awk -F '.' '{print $1"."$2"."$3"."}')
    (" not ”)
    Code:
    echo "3. wlan1 (USB TP-Link adapter or other)”
    there is a directory for that kind of output in /captures/nmap btw

    and finally if you add
    Code:
    myip=$(ifconfig $interface | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}')
    and
    Code:
    sed -i "/$myip/d" $filename1
    and change your first nmap to
    Code:
    nmap -sP $network* -oG $filename1

    you can skip scanning yourself
    Last edited by secjunkie; 2014-09-30 at 17:22. Reason: im an idiot

  7. #7
    Join Date
    2014-Sep
    Posts
    38
    @secjunkie,

    Great. I will do my best to post some others this week due my busy schedule.
    I want also to do the apk's for easy user interaction

  8. #8
    Join Date
    2014-Nov
    Posts
    1
    Hey everybody, after chmod 775 the script, I attempt to run it from the Kali Terminal emulator "./scan.sh" ... no luck. The script won't open. PLEASE steer me in the right direction? Many thanks!

  9. #9
    Join Date
    2014-Nov
    Posts
    42
    And my very own script (Based on an exploit), a utility that removes lockscreen passwords on Anything before KitKat:
    https://github.com/photonicgeek/Kali...move%20Lock.sh 404 not found can you update link please.

Similar Threads

  1. can easy-creds be used with nethunter ?
    By nikki81 in forum NetHunter General Questions
    Replies: 0
    Last Post: 2016-03-04, 11:26
  2. GTX 470 EVGA for pentest use?
    By tnraines in forum General Archive
    Replies: 2
    Last Post: 2015-03-18, 13:11

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •